using System;
using System.Data;
using System.Configuration;
using System.Web;
using System.Web.Security;
using System.Web.UI;
using System.Web.UI.WebControls;
using System.Web.UI.WebControls.WebParts;
using System.Web.UI.HtmlControls;
using System.Data.SqlClient;
using System.Security.Cryptography;
/// <summary>
/// Summary description for processUser
/// </summary>
public class processUser:DBConnectionTool
{
	public processUser() : base()
	{
		//
		// TODO: Add constructor logic here
		//
	}


    //getUserID method used to general userID automatically
    public string getUserID()
    {
        OpenCn();
        SqlCommand cmd = new SqlCommand("select right(max(UserID),4) from Users", cn);
        String s = cmd.ExecuteScalar().ToString();
        Int32 result;
        if (Int32.TryParse(s, out result))
            result++;
        else
            result = 1;
        int l = result.ToString().Length;        
        int count = 4 - l;
        string sresult = "Use";
        for (int i = 0; i < count; i++)
        {
            sresult = sresult + "0";
        }
        sresult = sresult + result;
        CloseCn();
        return sresult;
    }
    public DataTable listUser()
    {
        OpenCn();
        SqlDataAdapter da = new SqlDataAdapter("select * from Users", cn);
        DataTable dt = new DataTable("Users");
        da.Fill(dt);
        CloseCn();
        return dt;
    }

    //getUserID1 method used to get userID from database
    public string getUserID1(string UserName, string Password)
    {
        OpenCn();
        SqlCommand cmd = new SqlCommand("select UserID from Users where UserName=@UserName and Password =@Password", cn);
        cmd.Parameters.Add(new SqlParameter("@UserName", SqlDbType.NVarChar, 200));        
        cmd.Parameters["@UserName"].Value = UserName;
        cmd.Parameters.Add(new SqlParameter("@Password", SqlDbType.NVarChar, 200));
        cmd.Parameters["@Password"].Value = Password;        
        string result = cmd.ExecuteScalar().ToString();
        CloseCn();
        return result;
    }
    

    //getUserDetail method used to get information detail of Users
    public DataTable getUserDetail(string UserName)
    {
        OpenCn();
        SqlDataAdapter da = new SqlDataAdapter("select * from Users where UserName = '" + UserName + "'", cn);
        DataTable dt = new DataTable("Users");
        da.Fill(dt);
        CloseCn();
        return dt;
    }

    //checkUsers method used to check user name and password of Users
    public int checkUsers(string UserName, string Password)
    {
        OpenCn();
        SqlCommand cmd = new SqlCommand("select count(*) from Users where UserName=@UserName and Password = @Password", cn);
        cmd.Parameters.Add(new SqlParameter("@UserName", SqlDbType.NVarChar, 200));
        cmd.Parameters.Add(new SqlParameter("@Password", SqlDbType.NVarChar, 200));
        cmd.Parameters["@UserName"].Value = UserName;
        cmd.Parameters["@Password"].Value = Password;
        int result = Int32.Parse(cmd.ExecuteScalar().ToString());
        CloseCn();
        return result;
    }

    //checkAdmins method used to check user name and password of Admin and Employees
    public int checkAdmin(string UserName, string Password)
    {
        OpenCn();
        SqlCommand cmd = new SqlCommand("select count(*) from Users where UserName=@UserName and Password = @Password and RuleID != 'Rul03'", cn);
        cmd.Parameters.Add(new SqlParameter("@UserName", SqlDbType.NVarChar, 200));
        cmd.Parameters.Add(new SqlParameter("@Password", SqlDbType.NVarChar, 200));
        cmd.Parameters["@UserName"].Value = UserName;
        cmd.Parameters["@Password"].Value = Password;
        int result = Int32.Parse(cmd.ExecuteScalar().ToString());
        CloseCn();
        return result;
    }

    //insertUser method used to add new Users
    public int insertUser(string UserID, string UserName, string Password, string FullName, DateTime Birthday, string Address, string FoneNumber, string Email,string RuleID)
    {
        OpenCn();
        SqlCommand cmd = new SqlCommand("Insert Into Users(UserID,UserName,Password,FullName,Birthday,Address,FoneNumber,Email,RuleID) Values(@UserID,@UserName,@Password,@FullName,@Birthday,@Address,@FoneNumber,@Email,@RuleID)", cn);
        cmd.Parameters.Add(new SqlParameter("@UserID", SqlDbType.Char, 7));
        cmd.Parameters.Add(new SqlParameter("@UserName", SqlDbType.VarChar, 200));
        cmd.Parameters.Add(new SqlParameter("@Password", SqlDbType.VarChar, 200));
        cmd.Parameters.Add(new SqlParameter("@FullName", SqlDbType.NVarChar, 200));        
        cmd.Parameters.Add(new SqlParameter("@Birthday", SqlDbType.SmallDateTime));
        cmd.Parameters.Add(new SqlParameter("@Address", SqlDbType.NVarChar, 200));
        cmd.Parameters.Add(new SqlParameter("@FoneNumber", SqlDbType.VarChar, 200));
        cmd.Parameters.Add(new SqlParameter("@Email", SqlDbType.VarChar, 200));
        cmd.Parameters.Add(new SqlParameter("@RuleID", SqlDbType.Char, 5));
        cmd.Parameters["@UserID"].Value = UserID;
        cmd.Parameters["@UserName"].Value = UserName;
        cmd.Parameters["@Password"].Value = Password;
        cmd.Parameters["@FullName"].Value = FullName;        
        cmd.Parameters["@Birthday"].Value = Birthday;
        cmd.Parameters["@Address"].Value = Address;
        cmd.Parameters["@FoneNumber"].Value = FoneNumber;
        cmd.Parameters["@Email"].Value = Email;
        cmd.Parameters["@RuleID"].Value = RuleID;
        int result = cmd.ExecuteNonQuery();
        CloseCn();
        return result;
    }

    //deleteUser method used to delete Users
    public int deleteUser(string UserID)
    {
        OpenCn();
        SqlCommand cmd = new SqlCommand("Delete Users Where UserID=@UserID", cn);
        cmd.Parameters.Add(new SqlParameter("@UserID", SqlDbType.Char, 5));
        cmd.Parameters["@UserID"].Value = UserID;
        int result = cmd.ExecuteNonQuery();
        CloseCn();
        return result;
    }

    //updateUser method used to update information of Users
    public int updateUser(string UserID, string Password, string FullName, DateTime Birthday, string Address, string FoneNumber, string Email)
    {
        OpenCn();
        SqlCommand cmd = new SqlCommand("Update Users set Password= @Password, FullName= @FullName, Birthday= @Birthday, Address= @Address, FoneNumber= @FoneNumber, Email= @Email where UserID=@UserID", cn);
        cmd.Parameters.Add(new SqlParameter("@UserID", SqlDbType.Char, 5));        
        cmd.Parameters.Add(new SqlParameter("@Password", SqlDbType.VarChar, 200));
        cmd.Parameters.Add(new SqlParameter("@FullName", SqlDbType.NVarChar, 200));        
        cmd.Parameters.Add(new SqlParameter("@Birthday", SqlDbType.SmallDateTime));
        cmd.Parameters.Add(new SqlParameter("@Address", SqlDbType.NVarChar, 200));
        cmd.Parameters.Add(new SqlParameter("@FoneNumber", SqlDbType.VarChar, 200));
        cmd.Parameters.Add(new SqlParameter("@Email", SqlDbType.VarChar, 200));        
        cmd.Parameters["@UserID"].Value = UserID;
        cmd.Parameters["@Password"].Value = Password;
        cmd.Parameters["@FullName"].Value = FullName;        
        cmd.Parameters["@Birthday"].Value = Birthday;
        cmd.Parameters["@Address"].Value = Address;
        cmd.Parameters["@FoneNumber"].Value = FoneNumber;
        cmd.Parameters["@Email"].Value = Email;        
        int result = cmd.ExecuteNonQuery();
        CloseCn();
        return result;
    }

    //updateCustomer method used to update information of Customer
    public int updateCustomer(string UserID, string FullName, DateTime Birthday, string Address, string FoneNumber, string Email)
    {
        OpenCn();
        SqlCommand cmd = new SqlCommand("Update Users set FullName= @FullName, Birthday= @Birthday, Address= @Address, FoneNumber= @FoneNumber, Email= @Email where UserID = @UserID", cn);
        cmd.Parameters.Add(new SqlParameter("@UserID", SqlDbType.Char, 7));        
        cmd.Parameters.Add(new SqlParameter("@FullName", SqlDbType.NVarChar, 200));        
        cmd.Parameters.Add(new SqlParameter("@Birthday", SqlDbType.SmallDateTime));
        cmd.Parameters.Add(new SqlParameter("@Address", SqlDbType.NVarChar, 200));
        cmd.Parameters.Add(new SqlParameter("@FoneNumber", SqlDbType.VarChar, 200));
        cmd.Parameters.Add(new SqlParameter("@Email", SqlDbType.VarChar, 200));
        cmd.Parameters["@UserID"].Value = UserID;        
        cmd.Parameters["@FullName"].Value = FullName;        
        cmd.Parameters["@Birthday"].Value = Birthday;
        cmd.Parameters["@Address"].Value = Address;
        cmd.Parameters["@FoneNumber"].Value = FoneNumber;
        cmd.Parameters["@Email"].Value = Email;
        int result = cmd.ExecuteNonQuery();
        CloseCn();
        return result;
    }
    /// <summary>
    /// Convert result in user's device into OTP to login
    /// </summary>
    /// <param name="pas1"></param>
    /// <returns></returns>
    public string enCript(string pas1)
    {
        int xx;
        xx = pas1.GetHashCode();
        return xx.ToString();
    }
}
